Configurable endpoints - AWS IoT Core

Configurable endpoints

With AWS IoT Core, you can configure and manage the behaviors of your data endpoints by using domain configurations. With domain configurations, you can generate multiple AWS IoT Core data endpoints, customize data endpoints with your own fully qualified domain names (FQDN) and associated server certificates, and also associate a custom authorizer. For more information, see Custom authentication and authorization.


This feature is not available in GovCloud AWS Regions.

You can use domain configurations to simplify tasks such as the following.

  • Migrate devices to AWS IoT Core.

  • Support heterogeneous device fleets by maintaining separate domain configurations for separate device types.

  • Maintain brand identity (for example, through domain name) while migrating application infrastructure to AWS IoT Core.

AWS IoT Core uses the server name indication (SNI) TLS extension to apply domain configurations. Devices must use this extension when they connect. They also must pass a server name that is identical to the domain name that you specify in the domain configuration. To test this service, use the v2 version of the AWS IoT Device SDKs in GitHub.

If you create multiple data endpoints in your AWS account, they will share AWS IoT Core resources such as MQTT topics, device shadows, and rules.

When you provide the server certificates for AWS IoT Core custom domain configuration, the certificates have a maximum of four domain names. For more information, see AWS IoT Core endpoints and quotas.